Information Security Officer / Circa £40,000 per annum / Leeds
Access IT & Digital Talent are partnering with an organisation who are looking for a talented individual to help manage their Information Security governance and compliance to support gaining ISO/IEC 27001 accreditation at the earliest opportunity. The appointee will work with the wider business to develop a robust Information Security framework and strategy through which they can assure that tools, policies, processes and supporting governance ensures the organisation is managing information security risk effectively.
The appointee will work alongside senior stakeholders within the business to assist in the design, documentation and communication in all areas of information security, with particular reference to the ISO/IEC 27001 framework. Once accredited, it will be the responsibility of the Information Security Officer to own the audits, reports and corrective actions required to ensure the business remain compliant and able to successfully pass future external audits.
Following the successful accreditation for ISO/IEC 27001, it will fall to the Information Security Officer to work with the wider business to identify other appropriate controls and accreditations to support the business as it grows in stature and global presence across new markets and business sectors.
Whilst this is a critical role within the organisation, my client is committed to providing opportunities to those looking for the next challenge in their career, where attitude and behaviour counts as much, if not more, than experience and qualifications. The successful candidate will have the ongoing support of a team with many years of IT and Cyber Security experience between them to help shape a mature and robust information security posture.
This role will be based in the Leeds Security Operations Centre or will travel to the SOC regularly and work with the leadership team in Hampshire.
Qualifications and requirements
A Good understanding of Information Security standards; ISO27001, Cyber Essentials
Security certifications (desirable)
Experience working within a regulated environment (desirable)
Experience of assessing control effectiveness and identifying opportunities for improvement
Understanding and experience of operation and management of GRC in corporate environments
Knowledge and experience of cyber security and information security principles and processes
Understanding of current UK data protection requirements and the General Data Protection Regulation
This is an excellent opportunity to work with a company who invest heavily in their employees and it offers fantastic career development opportunities